From 14b0916516e6c2c6327300d1581b30b885400980 Mon Sep 17 00:00:00 2001
From: Zachary Carter <zack.carter@gmail.com>
Date: Tue, 22 May 2012 15:42:09 -0700
Subject: [PATCH] only forward on non-write wsapi requests

---
 lib/wsapi.js | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/lib/wsapi.js b/lib/wsapi.js
index 7b12c40e6..aa206d442 100644
--- a/lib/wsapi.js
+++ b/lib/wsapi.js
@@ -327,12 +327,14 @@ exports.setup = function(options, app) {
   app.use(function(req, resp, next) {
     var purl = url.parse(req.url);
 
-    if (options.router_mode) {
-      // skip wsapi request, let browserid middleware handle forwards
-      return next();
-    } else if (purl.pathname.substr(0, WSAPI_PREFIX.length) === WSAPI_PREFIX) {
+    if (purl.pathname.substr(0, WSAPI_PREFIX.length) === WSAPI_PREFIX) {
       const operation = purl.pathname.substr(WSAPI_PREFIX.length);
 
+      if (options.router_mode && -1 === forwardedOperations.indexOf(operation)) {
+        // skip wsapi request, let browserid middleware handle forwards
+        return next();
+      }
+
       // the fake_verification wsapi is implemented elsewhere.
       if (operation == 'fake_verification') return next();
 
-- 
GitLab